10 matches found
EUVD-2024-29309
Malicious code in bioql PyPI...
KubeVirt NULL pointer dereference flaw
A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine...
CVE-2024-31420
A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine...
CVE-2024-31419
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...
CVE-2024-31420
KubeVirt has a NULL pointer dereference in vm-dump-metrics --virtio when DownwardMetrics is enabled. An attacker with access to a VM guest on the node can cause a DoS by issuing many calls and then deleting the VM. CVSSv3.1 base score 6.5 (I:N, A:H). No fixed version or patch details are provided...
CVE-2024-31419 Cnv: information disclosure through the usage of vm-dump-metrics
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...
CVE-2024-31419 Cnv: information disclosure through the usage of vm-dump-metrics
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...
CVE-2024-31419
CVE-2024-31419 describes an information disclosure in OpenShift Virtualization where the DownwardMetrics feature, enabled by default, exposes limited host metrics of a node to any VM guest across namespaces. The root cause is the inadvertent exposure through DownwardMetrics by default, leading to...
CVE-2024-31419
An information disclosure flaw was found in OpenShift Virtualization. The DownwardMetrics feature was introduced to expose host metrics to virtual machine guests and is enabled by default. This issue could expose limited host metrics of a node to any guest in any namespace without being explicitl...
PT-2024-24059 · Red Hat · Openshift Virtualization
Name of the Vulnerable Software and Affected Versions: OpenShift Virtualization affected versions not specified Description: An information disclosure flaw was found in OpenShift Virtualization, related to the DownwardMetrics feature, which exposes host metrics to virtual machine guests and is...